Skip to content
Apothem
संदर्भ

कमांड

प्लान-सूट पाइपलाइन को लागू करने वाली स्लैश-कमांड परिभाषाएँ, साथ ही कोड, आर्किटेक्चर, सुरक्षा, निर्भरताओं, और दस्तावेज़ीकरण समीक्षा के लिए ऑडिट।

स्लैश-कमांड परिभाषाएँ src/apothem/commands/ के अंतर्गत सपाट .md फ़ाइलों के रूप में रहती हैं। विहित सेट का नेतृत्व आर्किटेक्चर-जागरूक प्लान-सूट पाइपलाइन करती है, जो सात प्रथम-श्रेणी कमांड के रूप में शिप होती है — प्रति चरण एक, प्रत्येक सीधे /plan-<stage> के रूप में आह्वान-योग्य। कोई अखंड डिस्पैचर नहीं है; हर चरण src/apothem/commands/plan-<stage>.md पर अपनी स्वयं की पंजीकृत कमांड फ़ाइल है।

आह्वानकमांड फ़ाइलविवरण
/plan-specsrc/apothem/commands/plan-spec.mdअसंरचित सामग्री को स्पेक-श्रेणी की गद्य में परिष्कृत करें
/plan-generatesrc/apothem/commands/plan-generate.mdगद्य / आवश्यकताओं से एक प्लान सूट मूर्त रूप दें
/plan-reviewsrc/apothem/commands/plan-review.mdस्कोरकार्ड के साथ फ़ोरेंसिक ऑडिट
/plan-designsrc/apothem/commands/plan-design.mdआर्किटेक्चर-धारक सूट के लिए _inputs/design.md उत्सर्जित करें
/plan-executesrc/apothem/commands/plan-execute.mdगुणवत्ता गेट के साथ एक चरण निष्पादित करें
/plan-statussrc/apothem/commands/plan-status.mdकेवल-पठन प्रगति रिपोर्ट
/plan-amendsrc/apothem/commands/plan-amend.mdहल किए गए निर्णयों को खोए बिना किसी मौजूदा सूट को संशोधित, विस्तारित, परिष्कृत, या प्रत्यावर्तित करें
/plan-auditsrc/apothem/commands/plan-audit.mdसक्रिय उपचार के साथ spec → generate → review का बंद-लूप आवरण (लंबवत, पूर्व-निष्पादन)

प्लान पाइपलाइन से परे, इसके साथ संपूर्ण-प्रोजेक्ट टूल कमांड शिप होते हैं — ताज़गी और रिलीज़ के लिए /freshify, /github-deploy-fresh, /github-deploy-next और /elevate; बहु-एजेंट समीक्षा और संयोजन के लिए /audit, /fortress और /workflow; चैट-ऐप प्रोजेक्ट उन्नयन के लिए /projectify — साथ ही ग्यारह ऑडिट/समीक्षा पास और /research पाइपलाइन:

आह्वानकमांड फ़ाइलविवरण
/freshifysrc/apothem/commands/freshify.mdकिसी प्रोजेक्ट को ताज़ा, ट्रेस-मुक्त, और उत्पादन-तैयार बनाएँ; हर विनाशकारी कदम पुष्टि-द्वारबद्ध
/github-deploy-freshsrc/apothem/commands/github-deploy-fresh.mdएकल ताज़ा प्रथम-संस्करण रिलीज़ उत्पन्न करने वाला /freshify का GitHub विशेषीकरण
/github-deploy-nextsrc/apothem/commands/github-deploy-next.mdGitHub रिलीज़ सतह पर एक पूर्ण अगला-रिलीज़ चक्र चलाएँ
/elevatesrc/apothem/commands/elevate.mdस्वतंत्र समीक्षकों के माध्यम से हर प्रोजेक्ट सतह को वर्तमान SOTA तक उठाएँ, फिर /freshify को सौंप दें

संपूर्ण, सत्य-स्रोत कमांड सेट — ऑडिट-समीक्षा अनुक्रम सहित — इस पृष्ठ के निचले हिस्से में उत्पन्न सूची है।

Frontmatter कॉन्ट्रैक्ट

हर कमांड फ़ाइल विहित आठ-कुंजी frontmatter धारण करती है। मशीन-पठनीय कॉन्ट्रैक्ट command.schema.json (additionalProperties: false) है; यह ब्लॉक उसे प्रतिबिंबित करता है:

---
name: <slash-command name without leading slash>
version: <semver>
updated: <YYYY-MM-DD>
description: <one-line role>
argument-hint: <placeholder for the slash-command argument>
disable-model-invocation: <true | false>
portability: <portability classification, e.g. universal>
allowed-tools: <comma-separated tool list, or "*">
---

वैलिडेटर की frontmatter-cohort जाँच (Command शाखा) हर कमांड फ़ाइल पर कॉन्ट्रैक्ट को सत्यापित करती है।

लेखन अनुशासन

  • स्व-निहित वर्कफ़्लो। हर कमांड का मुख्य भाग वर्कफ़्लो को क्रमांकित चरणों के रूप में सूचीबद्ध करता है ताकि सहायक ठंडी शुरुआत से निष्पादित कर सके।
  • Bindings ब्लॉक। हर कमांड विहित पाँच-दिशा Bindings ब्लॉक के साथ समाप्त होता है।
  • केवल डोमेन भाषा। मुख्य भागों में कोई प्लान-आंतरिक संदर्भ नहीं।

उत्पन्न कमांड सूची

NameDescriptionSource
READMESlash-command definitions — flat .md files, each defining one /command-name invocable. A command file's YAML frontmatter declares the command's identity and argument surface; isrc/apothem/commands/README.md
a11y-auditOperator-driven accessibility audit pass against WCAG 2.2 AA. Walks every rendered page of a deployed web surface (documentation site, landing portal, in-app surfaces) via ax-core + Pa11y + Lighthouse Accessibility, attests each issue against the WCAG 2.2 success-criterion catalog (including the six 2.2-new criteria — 2.4.11 Focus Not Obscured, 2.5.7 Dragging Movements, 2.5.8 Target Size, 3.3.7 Redundant Entry, 3.3.8 Accessible Authentication, plus the carried-forward AA floor), and emits per-page findings — HIGH/MEDIUM/LOW severity-triaged with concrete-driver rationale per finding. Read-only diagnostics; never remediates. Output lands at the consuming suite's _inputs/a11y-audit-findings.md. Invoke with a site path or URL, or --focus PAGE_OR_DIR to audit a recent docs change-set incrementally.src/apothem/commands/a11y-audit.md
architecture-reviewPerforms an architectural-integrity review of a target repository against its design artifact at _inputs/design.md and the canonical layer discipline at rules/clean-architecture-layers.md. Five-phase pipeline (Input Ingest · Design-to-Code Traceability Walk · Layer-Boundary Integrity Audit · Cross-Package Coupling Sweep · Findings Emission + Validation Gate) audits layer-boundary integrity, harness-adapter abstraction integrity, src-layout integrity, CLI surface coherence, entry-point registration completeness, and cross-package coupling. Emits _inputs/architecture-review-findings.md with HIGH / MEDIUM / LOW severity classifications grounded in concrete-driver rationale per the option-annotation rule.src/apothem/commands/architecture-review.md
auditThe audit fortress wrapped as a single dynamic multi-agent workflow. One call sweeps a deployed repository across all eleven audit/review dimensions — code-review, code-audit, architecture-review, docs-review, security-audit, dependency-audit, supply-chain-audit, threat-model-audit, perf-audit, a11y-audit, ux-review — by dispatching each as a parallel workflow phase under a named findings return contract, routing every finding through an EXTREMELY-CRITIQUE refute-by-default verification pass, and emitting one deterministic severity-triaged (HIGH/MEDIUM/LOW) findings report with a single recommended next move. Audit logic stays first-class in commands/<audit>.md and is individually invocable; this command adds only the workflow harness (parallel fan-out, independent critique, findings synthesis). Report-only — it NEVER remediates (remediation routes to /elevate for whole-repo elevation or to the owning surface); multi-agent dispatch is opt-in / confirmation-gated, never default-on. Invoke with a repository path, or --dimensions <list> to scope the sweep.src/apothem/commands/audit.md
code-auditCross-file forensic code audit operating at the repository-corpus scope rather than the per-file craft scope — six adversarial phases (Input Ingest · Cross-File Dependency Walk · Type-Hint + Coverage Audit · Dead-Code + Duplicate Detection · Architectural-Integrity Audit · Findings Emission + Validation Gate) interrogate cross-file consistency, hidden coupling, layer-boundary violations, type-hint accuracy under mypy --strict, test-coverage gaps against critical paths, dead code via vulture, duplicate code via pylint --disable=all --enable=duplicate-code, and architectural integrity at the implementation layer. Findings carry severity (HIGH / MEDIUM / LOW) with concrete-driver rationale and land at the consuming suite's _inputs/code-audit-findings.md ready for review-fortress consumption. Distinct from /code-review (per-file craft) — /code-audit is the cross-file forensic surface.src/apothem/commands/code-audit.md
code-reviewOperator-driven per-file code-quality review pass. Walks every source file under src/, scripts/, and tools/ in a deployed repository and emits per-file findings covering readability, maintainability, idiom-conformance, naming, complexity, magic-numbers, and comment-quality per the four code-craft rules (Python, shell, Markdown, universal-delegation) and the ten quality dimensions. Output lands at the consuming suite's _inputs/code-review-findings.md with HIGH / MEDIUM / LOW severity triage and concrete-driver rationale per finding. Distinct from /code-audit (cross-file forensic, repository-corpus scope) — /code-review is the per-file craft surface; not for plan-suite prose audits (use /plan-review) or remediation authoring (the command is read-only and never writes source).src/apothem/commands/code-review.md
dependency-auditOperator-driven per-dependency audit pass (direct + transitive). Walks every dependency declared in the repository's manifest files (pyproject.toml, package.json, Cargo.toml, go.mod, Gemfile, etc.) plus their resolved lockfile entries and emits per-dependency findings covering license compatibility, CVE status, deprecation status, replacement recommendation, transitive depth, pinned-vs-range posture, and security-relevant identification. Tooling: pip-audit + safety + osv-scanner + configured dependency-update automation insights. Output lands at the consuming suite's _inputs/dependency-audit-findings.md with HIGH / MEDIUM / LOW severity triage and concrete-driver rationale per finding.src/apothem/commands/dependency-audit.md
docs-reviewOperator-driven documentation review pass against rules/code-craft-markdown.md and rules/ten-dimension-check.md. Walks every Markdown page under the host docs source (Apothem: site/content/docs/) plus README, CONTRIBUTING, CHANGELOG, ADRs, and RFCs, then emits per-page findings covering prose clarity, sentence-level justification, precision-over-politeness, active-voice construction, hedge-elimination, link-integrity, code-block language tags, Mermaid verified metadata, citation completeness, and public-API coverage. Output lands at the consuming suite's _inputs/docs-review-findings.md with HIGH / MEDIUM / LOW severity triage and concrete-driver rationale per finding.src/apothem/commands/docs-review.md
elevateAggressive, zero-trust, open-loop MASTER repository-elevation command. DETECTS across every technically-auditable dimension by dispatching the report-only /audit fortress (reusing its eleven first-class passes — code-review, code-audit, architecture-review, docs-review, security-audit, dependency-audit, supply-chain-audit, threat-model-audit, perf-audit, a11y-audit, ux-review — never re-deriving them), then runs genuinely-independent critique agents over the SOTA-and-elevation dimensions no audit covers (storytelling, naming uniformity, cross-sync, consolidation/modularity, aesthetic SOTA, visualization/tabulation, extensibility), stopping at every nuance folder-by-folder, file-by-file, line-by-line, lifting each surface to current SOTA per rules/sota-elevation.md, remediating with the most appropriate action (destruction included; every destructive step confirmation-gated), propagating each change across the whole reference graph per rules/propagation.md, and culminating trace-free and production-ready by handing off to /freshify. Orchestration runs through the workflow harness (skills/workflow/SKILL.md) per rules/agent-orchestration.md; the command names no model tier and presets no effort. WARNING: a full run is a relentless multi-pass undertaking, not a quick amendment — bound a pass with --dimensions / --max-passes for a scoped run.src/apothem/commands/elevate.md
evalModel-agnostic language-model evaluation campaign. Defines an evaluation dataset and scorer using the eval-harness skill, runs a candidate model or prompt over the dataset, scores every output with the prompt-evaluator agent, aggregates campaign metrics plus a per-category breakdown, and emits a report that surfaces regressions against the prior baseline. Operates against any model provider — no single vendor is assumed; the dataset, scorer, and candidate endpoint are all operator-supplied. Output lands at the consuming suite's _inputs/eval-findings.md with per-category scores, aggregate metrics, and a regression ledger ready for downstream release-readiness review.src/apothem/commands/eval.md
fortressThe production-hardening fortress wrapped as a single dynamic multi-agent workflow. One call drives a repository from detected weaknesses to a hardened, release-gated state by closing the loop the report-only /audit leaves open: it dispatches /audit (the security-weighted dimension sweep) to DETECT, subjects every finding to an EXTREMELY-CRITIQUE refute-by-default verification pass, REMEDIATES each surviving finding at its owning surface through the minimal-diff surgical-guard skill (leaked secrets via secret-rotation, dependency CVEs via vuln-triage, broad lifts via scoped /elevate), RE-AUDITS until the walls hold (bounded by --max-rounds with a deterministic BLOCKED retreat per the iteration-safety discipline), and GATES the result through /release-readiness — emitting one deterministic fortress-posture report with a single recommended next move. Hardening logic stays first-class in the dispatched commands and skills; this command adds only the closed-loop harness (detect → verify → remediate → re-audit → gate). Distinct from report-only /audit, broad open-loop /elevate, and the single-verdict /release-readiness. Multi-agent dispatch, remediation, and continuous chaining are opt-in / confirmation-gated, never default-on; every irreversible step is per-action confirmed and every beyond-mission amendment disclosed. Invoke with a repository path, or --scope to weight the sweep.src/apothem/commands/fortress.md
freshifyHost- and forge-agnostic command that renders a project fresh, clean, trace-free, and production-ready. Purges caches and stale artifacts, removes legacy/obsolete narrative and back-references, normalizes file / folder naming to the host's ratified convention, drives every surface to maximal naturalness and coherence (no backward-compatibility / staleness / process-refinement narrative anywhere), enforces a current-version-only facade with a concise current-version changelog, and drives the host's discovered quality gates to green. In-place freshening is the default; every destructive step (cache purge, version-control-history rewrite, artifact deletion, file / folder rename, stale-run-trace removal) is confirmation-gated through the structured-inquiry channel. Carries zero host- or forge-specific vocabulary; every surface is discovered via rules/host-discovery.md, never named.src/apothem/commands/freshify.md
github-deploy-freshGitHub-specific specialization of /freshify that produces a single 100% fresh first-version release on origin/main — one templated release: <repo-name> v0.1.0 commit, strictly-green and maximal-score workflow cards (OpenSSF Scorecard where applicable), a curated concise first-version CHANGELOG, and zero residual GitHub traces (caches, branches, pull requests, prior releases/packages/deployments, failed runs, workflow-run history, draft/pre-releases, stale tags, gist/wiki traces, Pages build history, Actions run logs, environment/deployment records, branch-protection drift, git history). Inherits the agnostic freshening core from /freshify and adds only the forge-specific surface; in-place freshening is the default and every destructive step is confirmation-gated through the structured-inquiry channel.src/apothem/commands/github-deploy-fresh.md
github-deploy-nextSubsequent-release-cycle sibling of /github-deploy-fresh that runs one full next-release cycle end-to-end on origin/main — review-gated merge of ready pull requests, resolution of the issues the release addresses, a SemVer version bump derived from the Conventional Commits change set, a Keep-a-Changelog roll of [Unreleased] into the new version section, an annotated and signed tag published to the host's release surface, and concise current-version release notes — preserving the current-version-only release facade and the signed-release supply-chain posture where the host ratifies signing. The merge and publish steps are confirmation-gated through the structured-inquiry channel; read-only preview stages proceed without a gate.src/apothem/commands/github-deploy-next.md
perf-auditAudits a deployed repository against the per-class performance budgets at rules/performance-discipline.md §1 — hook-handler runtime (10s/30s/60s tiers), verify-ecosystem composite (30s) and per-check (5s), conformity-gate per-dispatch (1s), test-suite full (60s) and per-module (10s), agent-spawn (60s), and the shell sub-budgets at §1.1 (bootstrap.sh 500ms, bootstrap.ps1 1500ms, find-python 200ms, shellcheck 5s, Invoke-ScriptAnalyzer 10s, ruff 5s). Drives the four benchmark drivers under src/apothem/benchmarks/, identifies hot paths via USE (Utilization · Saturation · Errors) decomposition, classifies findings mechanically by exceedance — HIGH (>100%) / MEDIUM (25-100%) / LOW (≤25%) — and emits the report at the consuming suite's _inputs/perf-audit-findings.md. Measurement-only; never fabricates a budget or a measurement. Invoke with a repository path, or --focus CLASS to re-measure one class post-remediation.src/apothem/commands/perf-audit.md
plan-amendAmends, extends, refines, reverts, or weaves an existing plan suite without destroying prior resolved decisions — re-derives only the affected downstream artifacts (spec, master-plan, phases, notes), preserves the PLAN-NOTES.md decision ledger as authoritative and append-only, and routes every ambiguity through the structured-inquiry channel rather than inventing scope, identity, or decisions. The re-entrant /plan stage that revisits a converged-or-in-progress suite at any point in the spec → generate → review → execute chain.src/apothem/commands/plan-amend.md
plan-auditClosed-loop guardian of the /plan pipeline — audits a plan suite across the full cycle (spec → generate → review) and actively remediates findings rather than only reporting them, looping until zero findings remain or an iteration cap with a defined retreat is hit. Implicitly encompasses the pipeline from /plan-spec: it brings a suite at any stage to a reviewed, zero-finding whole, routes deferred or incomplete work to a sibling *-maintenance suite, and persists a bounded audit report to _outputs/.src/apothem/commands/plan-audit.md
plan-designProduces a comprehensive architectural-design artifact at the consuming suite's _inputs/design.md for architecture-bearing plan suites — six transformation phases (Input Ingest · Architectural Decomposition · Component-Interface Design · Cross-Component Binding Ratification · Design-Artifact Emission · Design Validation Gate) covering the seven-axs-of-breadth taxonomy with diagrams, ratified decision records, and a Bidirectional Binding Matrix appendix. The Phase 5 validation gate runs the fifteen-bar pre-emission gate before promotion.src/apothem/commands/plan-design.md
plan-executeExecutes a specific phase from a Master Plan Suite — ingests the phase's PHASE.md plus the suite's PROGRESS/PLAN-NOTES context, verifies prerequisites and review scorecards, implements every task with per-task commits, runs quality gates, and emits the phase REPORT.md before transitioning to the next phase (granular or continuous) — all under conformity checking, the fifteen-bar pre-emission gate, and a per-file destructive-op floor. The terminal /plan stage that turns a reviewed suite into landed, verified work.src/apothem/commands/plan-execute.md
plan-generateGenerates a complete Master Plan Suite from raw prose or an authored _spec/spec.md — ingests requirements, runs seriousness-scaled discovery with the Five Cognitive Filters, decomposes into acyclic phases, and emits PREAMBLE/MASTER-PLAN/PROGRESS/PLAN-NOTES plus per-phase PHASE.md files gated by the fifteen-bar pre-emission sweep. Mid-chain /plan stage between /plan-spec and /plan-review.src/apothem/commands/plan-generate.md
plan-reviewForensic, blind, line-by-line audit of an existing plan suite — prose fidelity, internal consistency, completeness, quality, risk, standards, domain, and architecture — then refine through interactive Q&A. Mid-chain /plan stage; emits Review Scorecards that gate downstream execution at SHARED+ and a zero-open-finding terminal verdict.src/apothem/commands/plan-review.md
plan-specRefines free-form prose, raw notes, or ad-hoc requirements into a spec-grade _spec/spec.md ready for /plan-generate. Six transformation phases (Discovery & Extraction · Meticulous Consideration · Potency Mapping · Preservation Verification · Expertise Application · Question-Resolution Sweep) governed by four operational disciplines (D1 Meticulous Consideration · D2 EXTREME Potency · D3 STRICT Preservation · D4 Extensive Expertise) under the four-discipline operational invariant (six conditions; failure on any blocks emission). Every questionable surfaces via the structured-inquiry channel per ten resolution disciplines D1–D10 across six mandatory gates G0–G5; silent defaulting is forbidden. Emits a _spec/spec.md at the suite folder + Handoff Manifest (unconditionally — even on standalone invocation). The --quick flag bypasses Forge elicitation and writes a single project-local lightweight plan file at <project-root>/.apothem/plans/<YYYY-MM-DD>--<kebab-slug>.md.src/apothem/commands/plan-spec.md
plan-statusRead-only plan-suite progress reporter — reads the suite's PROGRESS.md / PLAN-NOTES.md / phase tracking files and emits a strategic status report across the task / phase / artifact dimensions, with a --verbose health-grade and spot-check pass. The read-only /plan pipeline stage that surveys a suite at any point between /plan-generate and /plan-execute without mutating a single byte.src/apothem/commands/plan-status.md
planThe plan-suite pipeline wrapped as one dynamic multi-agent workflow. A single call drives a planning mission from raw prose to executed phases by dispatching the first-class stages — plan-spec → plan-generate → plan-review → plan-design (conditional, architecture-bearing suites) → plan-execute — as workflow phases under named Handoff-Manifest return contracts, routing every stage hand-off through a refute-by-default adversarial verification pass before the next stage consumes it, and emitting a deterministic result with a single recommended next move. Stage logic stays first-class in commands/plan-*.md; the knowledge surface stays the plan-suite skill; this command adds only the workflow harness (independent critique, return contracts, determinism). Multi-agent dispatch and continuous chaining are opt-in / confirmation-gated, never default-on.src/apothem/commands/plan.md
projectifyChat-app Project elevation command. Produces the three deliverables — Description, Instruction, knowledge Files — for a Claude Project / ChatGPT Custom GPT / Gemini Gem, freshly authored to current SOTA conventions through a structured-inquiry-saturated elicitation, elevated across order / coherence / clarity / determinism / structurality / conciseness / rigor / comprehensiveness and beyond, holding knowledge files within a measurable per-platform context budget (token-sum / discovered-platform-limit <= 0.02), with the grant to consolidate or divide files. Installs agnostically across all harnesses. Deterministic output; multi-step autonomy is opt-in / confirmation-gated.src/apothem/commands/projectify.md
release-readinessOperator-driven pre-release gate sweep against the production-ready discipline. Runs the host's quality matrix (lint, format, type-check, test), a dependency-risk pass, and the supply-chain checks (pinned actions, no secret literals, signed artifacts where ratified), then verifies the seven visibility surfaces, CHANGELOG currency, and version-to-tag consistency. Emits a single readiness verdict — READY or BLOCKED with the ordered blocking list — at the consuming suite's _inputs/release-readiness-findings.md with HIGH / MEDIUM / LOW severity triage and concrete-driver rationale per finding. SOTA references: Keep-a-Changelog, Conventional Commits, SemVer, SLSA, Sigstore.src/apothem/commands/release-readiness.md
research-analysisAnalyzes the raw data per the frozen preregistration — runs the planned statistical tests, reports effect sizes with confidence intervals (R7: never p-values alone), applies multiple-comparison correction where applicable, runs robustness and sensitivity checks, and discloses every deviation from the preregistered plan. The results-and-statistics stage of the /research pipeline. Triggered as 'run the preregistered analysis', 'compute the effect sizes and confidence intervals', 'apply the multiple-comparison correction and report what survives', 'run the robustness checks on the results', 'what does the data say against the hypothesis', or the pipeline-chained hand-off from /research-experiment. Consumes the raw data emitted by the experiment stage plus _inputs/preregistration.md and emits _outputs/analysis.md carrying the preregistered tests with effect sizes and CIs, the multiple-comparison correction, the robustness/sensitivity battery, the disclosed-deviation ledger, and null results recorded as findings — plus figures and tables at a host-natural location. Every reported result is adversarially checked refute-by-default by the fact-checker before it earns a claim.src/apothem/commands/research-analysis.md
research-designOperationalizes the synthesized research gap into testable predictions and a complete study design, then freezes the analysis plan in a preregistration before any data is collected — the design stage of the /research pipeline. Trigger phrasings: 'design the experiment', 'operationalize the hypotheses into predictions', 'what variables and controls does this study need', 'run the power analysis and pick the sample size', 'preregister the analysis plan', 'list the threats to validity', or the pipeline-chained hand-off from /research-synthesis. Consumes the suite's _inputs/synthesis.md (SOTA map + gap statement) plus _spec/research-spec.md (falsifiable hypotheses + success metrics) and emits _inputs/study-design.md (operationalized predictions, independent/dependent/control variables, sample frame, instruments, power analysis, threats-to-validity) plus _inputs/preregistration.md (the frozen analysis plan per the preregistration-discipline mandate R5). The preregistration fixes the hypotheses, the primary outcome, and the statistical tests before data collection so post-hoc flexibility cannot masquerade as a prediction; deviations are disclosed, never silent.src/apothem/commands/research-design.md
research-disseminateDrives post-acceptance dissemination and impact — preprint announcement, public artifacts, FAIR archival deposit, altmetrics and impact tracking, the reviewer rebuttal / revision loop, and the registered-report stage-2 path — the new terminal stage of the /research pipeline. Triggered as 'plan the dissemination and impact', 'announce the preprint and build the public artifacts', 'archive the data and code to a FAIR repository', 'set up altmetrics tracking', 'draft the reviewer rebuttal', or the pipeline-chained hand-off from /research-publish. Consumes the suite's _outputs/publication-record.md and emits _outputs/dissemination-plan.md carrying the preprint announcement, the public-artifact plan (talk / poster / blog), the FAIR archival deposit record (R8), the altmetrics and impact-tracking plan (R10), the rebuttal / revision loop, and the registered-report stage-2 path — the dissemination-and-impact record. The operator performs the public actions; the stage stops at a ready dissemination plan, never auto-publishes.src/apothem/commands/research-disseminate.md
research-experimentExecutes the designed study or experiment and captures raw data with full provenance — the run-and-record stage of the /research pipeline. Triggered as 'run the experiment and log it', 'execute the study and capture the data', 'collect the data per the preregistered protocol', 'record the run with full provenance', or the pipeline-chained hand-off from /research-design. Consumes the suite's _inputs/study-design.md plus _inputs/preregistration.md and emits _outputs/experiment-log.md (the timestamped protocol trace), the raw data at a host-natural location (e.g. data/), and _outputs/reproducibility-manifest.md carrying the environment snapshot, the seed, the protocol log, and the version pins so an independent party can re-run the study to the same observations. Reproducibility is the binding rigor mandate (R2): no observation enters the log without its provenance, and a null or unexpected result is recorded as faithfully as a confirming one (R3). The protocol is executed exactly as preregistered; every deviation is disclosed (R5), and the human/data-privacy and conflict-of-interest declarations are carried forward (R6).src/apothem/commands/research-experiment.md
research-ideateFormulates the problem space from zero — opportunity-and-gap scanning, invalidated-prior-hypothesis scanning, and candidate research-question generation with ranking — the new entry stage of the /research pipeline. Triggered as 'help me find a research question', 'scan the opportunity space for this domain', 'what's worth studying here', 'generate candidate research questions', 'what prior hypotheses have already been invalidated', or a fresh research engagement with no framed question yet. Frames the problem space against an a-priori theoretical anchor (R10), grounds every candidate against prior art (R1), and generates candidate research questions each stated in a falsifiable form (R3). Emits _inputs/ideation.md carrying the framed problem space, the opportunity-and-gap scan, the invalidated-prior-hypothesis scan, and the ranked candidate-question slate that /research-spec consumes, plus the Handoff Manifest at the research-suite folder.src/apothem/commands/research-ideate.md
research-paperAssembles a top-tier paper draft from the synthesis, study design, and analysis — abstract, introduction, related work, method, results, discussion, limitations, conclusion, and references — with every citation verified to resolve to a real source (R4: no phantom citations). The manuscript-assembly stage of the /research pipeline. Triggered as 'write up the results into a paper draft', 'assemble the manuscript from the synthesis and analysis', 'draft the abstract, intro, related work, method, results, discussion, and conclusion', 'turn the analysis into a paper with verified references', 'build the references section and confirm every citation resolves', or the pipeline-chained hand-off from /research-analysis. Consumes _inputs/synthesis.md (the SOTA map and gap statement), _inputs/study-design.md (the operationalized method), and _outputs/analysis.md (the confirmed results with effect sizes and CIs) and emits the paper deliverable at a host-natural location (paper/) carrying the nine canonical sections. Every reference is adversarially verified refute-by-default by the fact-checker — a citation earns its place only after it resolves to a real, retrievable source (permalink, DOI, or commit pin); a phantom or unresolvable citation never lands.src/apothem/commands/research-paper.md
research-proposalTransforms the synthesized gap and theoretical framework into a fundable, reviewable plan-of-record — the proposal stage of the /research pipeline. Triggered as 'write the research proposal', 'turn the gap into a SMART aims hierarchy', 'build the feasibility and risk register', 'plan the preregistration', 'select the EQUATOR reporting guideline', 'map the impact pathway', or the pipeline-chained hand-off from /research-synthesis. Consumes the suite's _inputs/synthesis.md and _inputs/theory.md and emits _inputs/proposal.md carrying the SMART aims hierarchy, the feasibility assessment, the resource / timeline / risk register, the impact pathway (R10), the preregistration plan (R5), and the EQUATOR reporting-guideline pre-selection (R9) — the plan-of-record that /research-design operationalizes into a frozen study design. Ethics feasibility is surfaced up front (R6).src/apothem/commands/research-proposal.md
research-publishFormats the reviewed paper to the target venue's template and assembles the complete submission package — supplementary materials, the data/code-availability statement, the cover letter, the ethics and conflict-of-interest declarations (R6), the open-access and license selection, the data/code Zenodo deposit beyond the reserved DOI, the registered-report Stage-2 path where one was preregistered, and a submission checklist gating every venue requirement. The venue-and-submission stage of the /research pipeline; its successor is /research-disseminate. Triggered as 'format the paper for the venue and build the submission package', 'write the cover letter and data-availability statement', 'declare the ethics and conflict-of-interest statements for submission', 'set up the preprint and reserve a DOI', 'run the submission checklist before I submit', or the pipeline-chained hand-off from /research-review. Consumes the paper deliverable plus _outputs/review-report.md and emits a venue-formatted submission package (paper + supplementary + data/code-availability statement + cover letter + ethics/COI declarations) at a host-natural location, a preprint/archival plan carrying the reserved DOI, _outputs/publication-record.md recording the package manifest and the checklist outcome, and a submission checklist. The operator performs the submission; the stage stops at a ready package, never auto-submits.src/apothem/commands/research-publish.md
research-reviewSubjects the finished paper to a peer-review-grade adversarial critique against venue standards — scores novelty, rigor, reproducibility, clarity, ethics, statistical review, and reporting-guideline conformance, then emits a severity-triaged required-revision list with a concrete-driver rationale per finding. Refute-by-default: every claim in the paper is treated as unsupported until the evidence in the manuscript forces otherwise. The peer-review stage of the /research pipeline. Triggered as 'review this paper like a hostile reviewer', 'run the peer-review critique against the venue bar', 'score the paper on novelty rigor reproducibility clarity ethics and statistics', 'what would Reviewer 2 reject this for', 'give me the required-revision list before submission', or the pipeline-chained hand-off from /research-paper. Consumes the paper deliverable emitted by the paper stage and emits _outputs/review-report.md carrying the seven-axis reviewer scorecard, the HIGH/MEDIUM/LOW required-revision list with per-finding concrete-driver rationale, the reproducibility-package and re-run verdict, the citation-integrity audit, and a recommend/major-revision/reject verdict. Every finding is adversarially verified refute-by-default by the fact-checker before it lands as a required revision.src/apothem/commands/research-review.md
research-sourcesSystematic source collection — the discovery-and-extraction stage of the /research pipeline. Decomposes the ratified research spec into orthogonal sub-queries, dispatches parallel discovery via the research-scout agent and the multi-source-research skill, deduplicates, ranks by authority/recency/relevance, screens against the spec's inclusion/exclusion criteria, and extracts each surviving source with full provenance. Use when a research mission has a finalized spec and needs its evidence base assembled: 'collect the sources for this question', 'gather the primary literature', 'build the source ledger', 'find and screen the references before synthesis', 'survey and extract the evidence base'. Fans external facets through research-scout (WebSearch/WebFetch + in-repo corpus), extracts per-source through the multi-source-research skill, and runs fact-checker adversarially to confirm every citation resolves. Emits sources/<id>.md per-source extractions plus _inputs/source-ledger.md (ranked, screened, deduplicated, citation-indexed). Discovery and extraction only — synthesis and the SOTA/gap map route to /research-synthesis.src/apothem/commands/research-sources.md
research-specFrames a free-form research question, raw notes, or ad-hoc research idea into a spec-grade research spec ready for /research-theory — the question-framing stage of the /research pipeline (predecessor /research-ideate). Trigger phrasings: frame this research question, turn my notes into a research spec, what's the testable hypothesis here, scope this study, define inclusion/exclusion criteria for my investigation. Re-frames the question into a falsifiable hypothesis set with stated null forms (R3), draws scope with explicit inclusion/exclusion criteria, declares independently-measurable success metrics (R2), builds a glossary for every domain term, and surfaces every ambiguity through the structured-inquiry channel instead of inventing scope, identity, or hypotheses. Emits _spec/research-spec.md (question · falsifiable hypotheses · scope · inclusion/exclusion criteria · success metrics · glossary) plus the Handoff Manifest at the research-suite folder. The --quick flag bypasses elicitation and writes a single project-local lightweight research brief at <project-root>/.apothem/plans/<YYYY-MM-DD>--<kebab-slug>.md.src/apothem/commands/research-spec.md
research-synthesisReconciles the collected sources into a state-of-the-art map, a literature matrix, and an explicit research-gap statement — the synthesis stage of the /research pipeline. Triggered as 'map the SOTA', 'synthesize the sources into a gap statement', 'what does the literature say and where is the hole', 'build the literature matrix', or the pipeline-chained hand-off from /research-sources. Consumes the suite's _inputs/source-ledger.md plus the per-source extractions under sources/ and emits _inputs/synthesis.md carrying the SOTA map, the dimension-by-source literature matrix, the contested-findings ledger, and the one-sentence gap statement the study addresses. Every load-bearing claim is adversarially verified refute-by-default by the fact-checker agent before it earns a place in the map; the source-synthesis skill drives the reconciliation.src/apothem/commands/research-synthesis.md
research-theoryBuilds the foundational conceptual and theoretical framework for a framed research question — the theoretical-grounding stage of the /research pipeline. Triggered as 'build the theoretical framework', 'draw the theory of change for this study', 'define the constructs and their operational definitions', 'build the logic model', 'what's the conceptual model here', or the pipeline-chained hand-off from /research-spec. Consumes the suite's _spec/research-spec.md and emits _inputs/theory.md carrying the conceptual / theoretical framework, the theory-of-change / logic model, the constructs with their operational definitions, and a conceptual-model diagram — the a-priori grounding (R10) that the systematic search and synthesis stages trace back to. Every construct is grounded in primary theory (R1), every theorized relation is stated in a refutable form (R3).src/apothem/commands/research-theory.md
researchThe research pipeline wrapped as a single dynamic multi-agent workflow. A single call drives a research mission from a raw idea to a disseminated, peer-reviewed paper by dispatching the first-class stages — research-ideate → research-spec → research-theory → research-sources → research-synthesis → research-proposal → research-design → research-experiment → research-analysis → research-paper → research-review → research-publish → research-disseminate — as workflow phases under named Handoff-Manifest return contracts, routing each stage's hand-off through a refute-by-default verification pass before the next stage consumes it, and emitting a deterministic result with a single recommended next move. Invoke it with a research question or domain ('research whether X causes Y', 'investigate the SOTA on Z', 'run the study from idea to paper'), an existing research suite path to resume, or --quick for a one-shot cited report. Stage logic stays first-class in commands/research-*.md and the knowledge surface stays the research-suite skill; this command adds only the workflow harness (independent critique, return contracts, determinism). Multi-agent dispatch and continuous chaining are opt-in / confirmation-gated, never default-on.src/apothem/commands/research.md
security-auditPerforms a comprehensive security posture audit of a host repository against OWASP ASVS v4.0.3+, OWASP Top 10 (2021), and CWE Top 25 (2024). Six audit phases (Input Ingest · Secrets + Permissions Sweep · Input-Validation + Injection-Surface Walk · Deserialization + Path-Traversal + RCE Audit · Dependency-CVE + CodeQL Sweep · Findings Emission + Validation Gate) cover secrets-management, input-validation, shell-injection surfaces, SQL-injection surfaces, deserialization safety, path-traversal, dependency CVEs via pip-audit and safety, CodeQL findings disposition, and permission-scope analysis. Emits a severity-ranked findings artifact at the consuming suite's _inputs/security-audit-findings.md with concrete-driver rationale and recommended remediation per finding.src/apothem/commands/security-audit.md
supply-chain-auditOperator-driven supply-chain audit pass against SLSA + Sigstore + SBOM. Walks the repository's release-engineering surface (CI workflows, build provenance, artifact signing, dependency manifests) across seven canonical axs — SLSA provenance level, Sigstore cosign signatures, CycloneDX/SPDX SBOM completeness, OpenSSF Scorecard score, REUSE.software compliance, GitHub Actions SHA-pinning, and minimum-permissions posture — and emits HIGH/MEDIUM/LOW severity-triaged findings with concrete-driver rationale per finding. SOTA references: SLSA, Sigstore, in-toto, OpenSSF Scorecard, SCITT, REUSE. Read-only diagnostics; never remediates. Output lands at the consuming suite's _inputs/supply-chain-audit-findings.md. Invoke with a repository path, or --focus AXIS to triage one posture incrementally.src/apothem/commands/supply-chain-audit.md
test-suiteBehavior-first test authoring and execution workflow for a deployed repository. Discovers the host's ratified test framework, coverage tooling, and behavior contracts via host-discovery, authors behavior-shaped AAA tests through the test-authoring skill, runs them through the test-runner agent, triages failures into actionable findings, and reports coverage gaps against critical paths. Tests are named for the behavior they assert, follow the Arrange / Act / Assert shape, and never depend on test ordering. Output lands at the consuming suite's _inputs/test-suite-report.md with per-test outcomes, failure triage, and coverage-gap findings carrying concrete-driver rationale.src/apothem/commands/test-suite.md
threat-model-auditOperator-driven threat-modeling audit pass against STRIDE + PASTA. Walks the repository's architecture, data-flow, and trust-boundary surfaces, applies STRIDE per element (Spoofing · Tampering · Repudiation · Information disclosure · Denial of service · Elevation of privilege) and the PASTA seven-stage pass, classifies threat actors against the canonical taxonomy, and emits per-threat findings with trust-boundary citation, MITRE ATT&CK references, mitigation posture, and residual-risk acceptance — HIGH/MEDIUM/LOW severity-triaged with concrete-driver rationale. SOTA references: STRIDE (Microsoft), PASTA (VerSprite), OWASP Threat Modeling, MITRE ATT&CK. Terminal command of the audit fortress — ratifies TIER 3 convergence. Read-only diagnostics; never remediates. Output lands at the consuming suite's _inputs/threat-model-audit-findings.md. Invoke with a repository path, or --focus BOUNDARY_OR_ACTOR to model one attack chain incrementally.src/apothem/commands/threat-model-audit.md
ux-reviewDeveloper-experience review of a host repository — audits CLI ergonomics (argument naming, help text, error messages, progress indicators), installation flow, documentation discoverability, per-harness install parity, dev-loop ergonomics, and error-recovery affordances. Reads every surface from the first-time-operator posture, never the maintainer's familiar terrain. Reference frame: clig.dev Command Line Interface Guidelines, Nielsen Norman Group ten usability heuristics, GNU coreutils convention manual. Read-only against the host; emits a severity-ranked findings ledger at the consuming suite's _inputs/ux-review-findings.md with HIGH/MEDIUM/LOW classifications grounded in concrete-driver rationale. Invoke with a repository path, or --focus SURFACE to re-run one surface after a remediation cycle.src/apothem/commands/ux-review.md
workflowGeneral-purpose workflow-harnessing command. Entry form '/goal <<mission>>'. Drives genuinely-independent multi-agent dynamic workflows under named return contracts, subjects every finding to an EXTREMELY-CRITIQUE refute-by-default verification pass before it survives, is granted to identify and remediate issues beyond the literal mission (each disclosed per the change ledger), self-augments from current authoritative SOTA sources rather than memory alone, and emits deterministic output with a single recommended next move. Multi-agent dispatch and auto-execution are opt-in / confirmation-gated, never default-on.src/apothem/commands/workflow.md

On this page